Posted by EditorDavid on Saturday June 17, 2017 @07:06PM
from the end-times-for-end-user-license-agreements dept.

mikeatTB shares an article from TechRepublic:
Software engineers have largely failed at security. Even with the move toward more agile development and DevOps, vulnerabilities continue to take off... Things have been this way for decades, but the status quo might soon be rocked as software takes an increasingly starring role in an expanding range of products whose failure could result in bodily harm and even death. Anything less than such a threat might not be able to budge software engineers into taking greater security precautions. While agile and DevOps are belatedly taking on the problems of creating secure software, the original Agile Manifesto did not acknowledge the threat of vulnerabilities as a problem, but focused on "working software [as] the primary measure of progress..."

"People are doing exactly what they are being incentivized to do," says Joshua Corman, director of the Cyber Statecraft Initiative for the Atlantic Council and a founder of the Rugged Manifesto, a riff on the original Agile Manifesto with a skew toward security. "There is no software liability and there is no standard of care or 'building code' for software, so as a result, there are security holes in your [products] that are allowing attackers to compromise you over and over." Instead, almost every software program comes with a disclaimer to dodge liability for issues caused by the software. End-User License Agreements (EULAs) have been the primary way that software makers have escaped liability for vulnerabilities for the past three decades. Experts see that changing, however.
The article suggests incentives for security should be built into the development process -- with one security professional warning that in the future, "legal precedent will likely result in companies absorbing the risk of open source code."

Posted by EditorDavid on Saturday June 17, 2017 @06:02PM
from the real-world-problems dept.

An anonymous reader quotes Bloomberg:
Demand for digital coins is soaring in Venezuela amid an escalating political crisis that has protesters demanding that President Nicolas Maduro step down. Inflation has spiraled to the triple digits, debasing the bolivar and depleting savings, while citizens struggle to find everything from food to medicine on store shelves. "If you're going to be in something volatile, you might as well be in something that's volatile and rising than volatile and falling," says Ryan Taylor, chief executive officer of crypto currency Dash Core, the third-largest digital coin by number of transactions... Bitcoin trading volume in Venezuela jumped to $1.3 million this week, about double the amount that changed hands two months ago, according to LocalBitcoins.com...

Venezuela's currency has become nearly worthless in the black market, where it takes more than 6,000 bolivars to buy $1, while bitcoin surged 53 percent in the past month alone. But it's not just about shielding against the falling bolivar, as some Venezuelans are using crypto currencies to buy and sell everyday goods and services, according to Jorge Farias, the CEO of Cryptobuyer.

Posted by EditorDavid on Saturday June 17, 2017 @04:58PM
from the making-build dept.

Christophe de Dinechin created the XL programming language -- and as descubes he's also Slashdot reader #35,093. Today he shares his latest project, a simple makefile-based build system that he's split from ELFE/XL:
Most open-source projects use tools such as autoconf and automake. For C and C++ projects, build is a make-based alternative that offers auto-configuration, build logs, colorization, testing and install targets, in about 1000 lines of makefile. A sample makefile looks like this:

The protocol got a lot of attention recently as it was the main infection vector for the WannaCry ransomware. Microsoft officially confirmed Tuesday that it will not ship SMBv1 with the Fall Creators Update. This change will affect only users performing clean installs, and will not be shipped as an update. This means Microsoft's decision will not affect existing Windows installations, where SMBv1 might be part of a critical system.

Posted by EditorDavid on Saturday June 17, 2017 @02:52PM
from the filtering-on-demand dept.

Last December VidAngel fought three Hollywood studios in court for the right to stream filtered versions of movies. Now fogez reports that "they have come up with a new tactic in their attempts to bring filtering choice into the streaming media equation. Instead of leveraging the legal loophole that landed them in court, VidAngel is now going to insert themselves as a filtering proxy for services like Netflix and Amazon." From the Hollywood Reporter:
Its new $7.99 per month service piggybacks on users' streaming accounts. Customers log into the VidAngel app, link it to their other accounts and then filter out the language, nudity and violence in that content to their heart's desire... "Out of the gate we'll be supporting Netflix and Amazon and HBO through Amazon channels," says Harmon, adding that Hulu, iTunes and Vudu will follow... Harmon says it remains to be seen if the studios will fight VidAngel's new platform, but his biggest concern is how Amazon and Netflix will respond. He says his company has reached out to the streamers, and he hopes they'll raise any concerns through conversation instead of litigation... "VidAngel's philosophy is very libertarian," he says. "Let directors create what they want, and let viewers watch how they want in their own home. That kind of philosophy respects the views of both parties."
The original submission describes the conflict as a "freedom of choice versus Hollywood."

Posted by EditorDavid on Saturday June 17, 2017 @01:46PM
from the Alto-from-Palo-Alto dept.

An anonymous reader quotes Ars Technica:
Charles Thacker, one of the lead hardware designers on the Xerox Alto, the first modern personal computer, died of a brief illness on Monday. He was 74. The Alto, which was released in 1973 but was never a commercial success, was an incredibly influential machine... Thomas Haigh, a computer historian and professor at the University of Wisconsin, Milwaukee, wrote in an email to Ars, "Alto is the direct ancestor of today's personal computers. It provided the model: GUI, windows, high-resolution screen, Ethernet, mouse, etc. that the computer industry spent the next 15 years catching up to. Of course others like Alan Kay and Butler Lampson spent years evolving the software side of the platform, but without Thacker's creation of what was, by the standards of the early 1970s, an amazingly powerful personal hardware platform, none of that other work would have been possible."
In 1999 Thacker also designed the hardware for Microsoft's Tablet PC, "which was first conceived of by his PARC colleague Alan Kay during the early 1970s," according to the article. "I've found over my career that it's been very difficult to predict the future," Thacker said in a guest lecture in 2013. "People who tried to do it generally wind up being wrong."

Posted by EditorDavid on Saturday June 17, 2017 @12:42PM
from the Alexa,-start-Colossal-Cave dept.

Last month Eric Raymond announced the open sourcing of the world's very first text adventure. Now Slashdot reader teri1337 brings news about their own special project:
A few old-timers here may recall with fond memories the phrase "Somewhere nearby is Colossal Cave..." Well, a voice-playable version of Colossal Cave "Adventure" is now available on Amazon Echo devices as a [free] Alexa Skill. This is a port of the original 1976 text adventure game written by Willie Crowther and Don Woods, which started the interactive fiction genre and led to later games like Infocom's Zork. This version was written from scratch as an AWS Lambda function incorporating the original 350-point game database, and made available with permission from Don Woods.

Posted by EditorDavid on Saturday June 17, 2017 @11:38AM
from the warring-on-terror dept.

An anonymous reader quotes the New York Times:
It has been more than a year since the Pentagon announced that it was opening a new line of combat against the Islamic State, directing Cyber Command, then six years old, to mount computer-network attacks... "In general, there was some sense of disappointment in the overall ability for cyberoperations to land a major blow against ISIS," or the Islamic State, said Joshua Geltzer, who was the senior director for counterterrorism at the National Security Council until March. "This is just much harder in practice than people think..."

Even one of the rare successes against the Islamic State belongs at least in part to Israel, which was America's partner in the attacks against Iran's nuclear facilities. Top Israeli cyberoperators penetrated a small cell of extremist bombmakers in Syria months ago, the officials said. That was how the United States learned that the terrorist group was working to make explosives that fooled airport X-ray machines and other screening by looking exactly like batteries for laptop computers... The information helped prompt a ban in March on large electronic devices in carry-on luggage on flights from 10 airports in eight Muslim-majority countries to the United States and Britain.
Citing military officials, the Times also reports that "locking Islamic State propaganda specialists out of their accounts -- or using the coordinates of their phones and computers to target them for a drone attack -- is now standard operating procedure."

Posted by BeauHD on Saturday June 17, 2017 @09:00AM
from the change-it-up dept.

Jonathan Johnston reports via Quartz: Around one in five people in Western countries could be putting their health at risk simply by going to work. This is because working shifts outside of the rest of the population's normal hours has been linked to obesity, diabetes, heart disease, cancer and even declines in brain function. Scientists think this is because our bodies are programmed to run on cycles known as circadian rhythms, and changes in our routine caused by shift work or traveling long distances disrupt those rhythms. But our new research suggests that the effects of shift work or jet lag on our body clocks could be reduced simply by changing the times at which people eat. The key to this theory is the idea that each person doesn't just have a single body clock but rather a complex network of billions of cellular clocks found throughout the body. In humans and other mammals, there is a master clock within a region of the brain called the suprachiasmatic nuclei (SCN) and many peripheral clocks found elsewhere. For our research, we wanted to see how one aspect of this approach -- changing meal times -- affected circadian rhythms. We found that delaying meals by a certain amount caused a similar shift in some peripheral clocks, without changing the master clock. This is important because research in animals suggests peripheral clocks take longer to adjust to a new routine.

Posted by BeauHD on Saturday June 17, 2017 @06:00AM
from the significant-chunk-of-change dept.

An anonymous reader quotes a report from Ars Technica: In 2014, the U.S. Government Accountability Office issued a report on cost estimates for the U.S. Air Force's program to launch national security payloads, which at the time consisted of a fleet of rockets maintained and flown entirely by United Launch Alliance (ULA). The report was critical of the non-transparent nature of ULA's launch prices and noted that the government "lacked sufficient knowledge to negotiate fair and reasonable launch prices" with the monopoly. At around the same time, the new space rocket company SpaceX began to aggressively pursue the opportunity to launch national security payloads for the government. SpaceX claimed to offer a substantially lower price for delivering satellites into various orbits around Earth. But because of the lack of transparency, comparing prices was difficult. The Air Force recently released budget estimates for fiscal year 2018, and these include a run out into the early 2020s. For these years, the budget combines the fixed price rocket and ELC contract costs into a single budget line. (See page 109 of this document). They are strikingly high. According to the Air Force estimate, the "unit cost" of a single rocket launch in fiscal year 2020 is $422 million, and $424 million for a year later. SpaceX sells basic commercial launches of its Falcon 9 rocket for about $65 million. But, for military launches, there are additional range costs and service contracts that add tens of millions of dollars to the total price. It therefore seems possible that SpaceX is taking a loss or launching at little or no profit to undercut its rival and gain market share in the high-volume military launch market. Elon Musk retweeted the article, adding "$300M cost diff between SpaceX and Boeing/Lockheed exceeds avg value of satellite, so flying with SpaceX means satellite is basically free."

Posted by BeauHD on Saturday June 17, 2017 @03:00AM
from the record-breaking dept.

slew writes: Science Magazine reports a team of physicists using the Chinese Micius satellite (launched back in August 2016) have sent quantum-entangled photons from a satellite to ground stations separated by 1200 kilometers, smashing the previous world record. Sending entangled photons through space instead of optical fiber networks with repeaters has long been the dream of those promoting quantum-key exchange for modern cryptography. Don't hold your breath yet, as this is only an experiment. They were only able to recover about 1000 photons out of about 6 billion sent and the two receiving stations were on Tibetan mountains to reduce the amount of air that needed to be traversed. Also the experiment was done at night to minimize interference from the sun. Still, baby steps... Next steps for the program: a bigger satellite for more power and moving to quantum teleportation instead of simple key exchange. The results of the experiment were published in the journal Science.